Malware introduction and data theft via USB are a classic danger in the enterprise. It is reasonably easy to disable support for USB storage devices in linux, it just isn't usefriendly

see this solution:

http://www.howopensource.com/2011/08/how-to-disable-and-enable-usb-device-in-li nux/

while this is easy to implement, it would be nice in a corporate environment to simply set a flag at installation that makes this default - and that keeps the kernel signed for UEFI.

I am going to use a few terms that will get knee jerk reactions, please bear with me. I work in a highly security sensitive area and I would like to be able to use Ubuntu. But I need to be able to avoid things like the evil maid and ideally the cold boot attack.

For this I want an environment that lets me be sure that my machine has not been compromised. This requires integration of:

- OPAL SEDs
- TPM (just store your own keys and don't use software that limits your use of the computer)
- UEFI

At the moment we have no chance for an integrated solution for this in Linux. There is no solution for a RADIUS or LDAP based pre-boot s/w for OPAL, There is no solution for tw-factor authentication for OPAL, using a key stored on the TPM together with passowrd or RADIUS or LDAP authentication. Windows 8, together with 3rd party tools, offers all these features. Have a look here: http://social.technet.microsoft.com/Forums/en-US/w8itprosecurity/thread/ec8de85 2-f9d6-46d8-9fb3-80faef40619d

These features should be possible to disable of course.

This article in The register shows that OpenSSL is currently not secure: http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/ We need a way to supply TLS 1.2

While both Evolution and Thunderbird are great applications, Thunderbird should become the default email client available on Ubuntu.

I think that Ubuntu should have it's own networking center, where you can remote desktop and send a network message to other Ubuntu computers, along file share using normal 'Shared Folders'

I personally think the one thing that really lacks in Ubuntu is the networking features, you click 'Places' then 'Network' then all you have is a 'Windows Network' folder.
And the 'Connect to Server' option isn't very 'noob friendly.'

Ubuntu Network Center would view all devices on the network along with their IP, and Name, and the ability to connect, view shared folders and files and send a message through the network to that computer.

Like the image below:



If the image has come up as a bunch of code . . . here's the image here:

http://lh3.ggpht.com/_bYuyDUFb0tU/TNZWDQUfAzI/AAAAAAAACEs/D0p93LE30F4/s400/Scre enshot.png

Linux and ubuntu currently fall down for corporate usage in the area of user administration. passwd is strictly local and while the tools for central user administration and hosting of user profiles are available one has to build everything manually.